Responsibilities:

The Product Security Incident Response Team is looking for a Senior Security Researcher, to research & discover security vulnerabilities in Fortinet products. 

Discover new Exploitation Techniques or Attack Vectors. Discover new Exploits/Vulnerabilities. Perform Source Code Review to identify potential security flaws.  Write Proof of Concept exploits for vulnerabilities discovered using SAST/DAST. Work with development team to fix the discovered vulnerabilities. Analyze new attacks, attack surfaces. Stay up to date on the latest exploitation techniques.

Requirements:

At least 3 years of experience in Security or Vulnerability Research. Reverse engineering experience including binary analysis, and firmware analysis (using binwalk or other) Prior experience with dynamic analysis debuggers (e.g. OllyDBG, WinDBG), disassemblers or decompilers (e.g. IDA Pro.) Penetration testing web application and attack analysis experience using tools including Burp Suite, Fiddler, or Metasploit, etc. Experience in Source Code Analysis using tools like Coverity, Blackduck, Checkmarx, etc.  Experience in writing Proof of Concept exploits for vulnerabilities discovered using DAST/SAST. Familiar with Top Web Application Security Risks/Vulnerabilities and attack techniques in MITRE ATT&CK matrix. Solid knowledge of programming languages Experience writing code in PHP, Java, C/C++ JavaScript and/or Python. Familiar with Database languages. Familiar with popular Web Server software (e.g. Nginx, Apache, IIS) and Web Application Frameworks. Knowledge of OS Internals & networking protocols such as TCP/IP, DNS, HTTP, Scada, IoT, etc. Self-directed, Self-motivated with the ability to work with minimal supervision and be productive. Good communication skills and a team player Proven analytical and problem solving skills and out-of-the-box thinking. CTF, Bug-Bounty or proven Multiple public records of Vulnerability Disclosure (e.g. CVEs) is a strong plus.

Education

Bachelor or Master of Computer Science or Electrical/Computer Engineering.

The US base salary range for this full-time position is $130,000-$160,000. Fortinet offers employees a variety of benefits, including medical, dental, vision, life and disability insurance, 401(k), 11 paid holidays, vacation time, and sick time as well as a comprehensive leave program.

Wage ranges are based on various factors including the labor market, job type, and job level. Exact salary offers will be determined by factors such as the candidate's subject knowledge, skill level, qualifications, experience, and geographic location.

All roles are eligible to participate in the Fortinet equity program, Bonus eligibility is reviewed at time of hire and annually at the Company’s discretion.

Why Join Us:
We encourage candidates from all backgrounds and identities to apply. We offer a supportive work environment and a competitive Total Rewards package to support you with your overall health and financial well-being. Embark on a challenging, enjoyable, and rewarding career journey with Fortinet. Join us in bringing solutions that make a meaningful and lasting impact to our 660,000+ customers around the globe.